VulnHub - Bulldog 1 Walkthrough

This weekend, I will try to write a walkthrough of VulnHub's Bulldog 1. You can download this CTF VM from VulnHub’s website. First, I need to find some open ports on the target machine.

I got 3 open ports on the target machine. Now let’s find out what services are running on

Evolution of attacks on web applications

Attacks on web applications open up wide opportunities for intruders: theft of critical or sensitive information, and breaking business logic for financial gain. A successful attack on a web application can also be a harbinger of a compromise of the company’s corporate network. In this article, I’ll talk about the evolution of web application attacks.

How to Install Fiddler on Kali Linux

Fiddler is a free web debugging proxy which logs all HTTP(S) traffic between your computer and the Internet. Use it to debug traffic from virtually any application that supports a proxy, like IE, Chrome, Safari, Firefox, Opera and more. Fiddler can easily manipulate and edit web sessions. All you need to do is set

What is Android Application Components?

Android application components are essential building blocks of an Android app. Every app is built as a combination of some or all of those components, which can be invoked individually. There are four main components in Android: Activity, Service, Content Providers and Broadcast Receivers, which are explained below:

Activity

This android application components to

How to install usbmuxd on Kali Linux

What is usbmuxd? usbmuxd stands for “USB multiplexing daemon”. This daemon is in charge of multiplexing connections over USB to an iOS device. To users, it means you can sync your music, contacts, photos, etc. over USB. To developers, it means you can connect to any listening localhost socket on the device. usbmuxd is not

How To Split Linux Terminal

Hi folks, sometimes we want to run a command while inspecting the results. Here are some tips on how to split a Linux terminal using screen. First, activate screen:

Split terminal horizontally:

Split terminal vertically:

Activating a window:

Move between windows:

That's how to split a Linux terminal.

Playing Around With PentestIt.Ru Testlab v.10 – Part 2

Let's continue from the last article, since I was busy with my real life. In the last article I successfully got into the server through the SSH service. Now let's enumerate the network inside the server based on this network diagram. First, let's check if Nmap is already installed on the server:

Great!! Let's map the network.

Playing around with pentestit.ru testlab v.10 - Part 1

Let's play around with pentestit.ru testlab v.10.

Target IP: 192.168.101.9

Nmap:

Let's check the HTTP header on port 80:

I tried to open the IP address in a web browser, but it's like taking forever to load the page. 🙁 OK, let's examine the source of the page:

I found store.gds.lab domain inside

PHP - Fully Undetectable Web Shell

Today, I wanna try to create a simple undetected (hopefully FUD) web shell backdoor. I am using VirusTotal (yes, I want them to check my file, lol..). So, what is FUD? Fully undetectable (usually shortened as “FUD”) can stand for data that had been encrypted, making it appear to be random noise. It can also stand

Buffer Overflow Golang Fuzzer (64bit)

Hi there, today I just want to share about buffer overflows and a fuzzing tool to check for buffer overflow vulnerabilities. What is a buffer overflow? A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Since buffers are created